openwrt/staging/rmilecki.git
3 years agolldpd: bump to 1.0.9
Stijn Tintel [Mon, 5 Apr 2021 14:35:39 +0000 (17:35 +0300)]
lldpd: bump to 1.0.9

Contains fixes related to CVE-2020-27827.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
3 years agolldpd: add libcap dependency
Stijn Tintel [Thu, 11 Mar 2021 23:10:07 +0000 (01:10 +0200)]
lldpd: add libcap dependency

Now that libcap is in OpenWrt base, we can drop our custom patch to
disable libcap support and have lldpd depend on it instead. This will
allow the monitor process to drop its privileges instead of running as
root, improving security.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
3 years agolibcap: bump to 2.48
Stijn Tintel [Thu, 11 Mar 2021 23:08:25 +0000 (01:08 +0200)]
libcap: bump to 2.48

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agolibcap: drop invalid copyright header
Stijn Tintel [Thu, 11 Mar 2021 23:03:43 +0000 (01:03 +0200)]
libcap: drop invalid copyright header

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agolibcap: import from packages feed
Stijn Tintel [Thu, 11 Mar 2021 23:03:22 +0000 (01:03 +0200)]
libcap: import from packages feed

Having libcap in OpenWrt base allows us to enable libcap support in
other packages in base.

In lldpd, this would allow the monitor process to drop its privileges
instead of running as root, improving security. It will also allow us to
drop our patch to disable libcap.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agobcm4908: enable JFFS2 support
Rafał Miłecki [Mon, 5 Apr 2021 08:44:46 +0000 (10:44 +0200)]
bcm4908: enable JFFS2 support

It's needed for accessing JFFS2 bootfs partition.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agofirmware-utils: bcm4908img: add bootfs support
Rafał Miłecki [Fri, 2 Apr 2021 15:28:21 +0000 (17:28 +0200)]
firmware-utils: bcm4908img: add bootfs support

This adds support for accessing bootfs JFFS2 partition in the BCM4908
image. Support includes:
1. Listing files
2. Renaming file (requires unchanged name length)

Above commands are useful for flashing BCM4908 images which by defualt
come with cferom.000 file and require renaming it.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agofirmware-utils: bcm4908img: support extracting image data
Rafał Miłecki [Fri, 2 Apr 2021 14:31:43 +0000 (16:31 +0200)]
firmware-utils: bcm4908img: support extracting image data

It's useful for upgrading cferom, firmware, etc.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agofirmware-utils: bcm4908img: find cferom size
Rafał Miłecki [Fri, 2 Apr 2021 13:04:46 +0000 (15:04 +0200)]
firmware-utils: bcm4908img: find cferom size

It's important for modifying / extracting firmware content. cferom is
optional image content at the file beginning.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agofirmware-utils: bcm4908img: use "info" command displaying file info
Rafał Miłecki [Fri, 2 Apr 2021 12:12:58 +0000 (14:12 +0200)]
firmware-utils: bcm4908img: use "info" command displaying file info

BCM4908 image format contains some info that may be useful for info /
debugging purposes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agofirmware-utils: bcm4908img: support reading from stdin
Rafał Miłecki [Sun, 4 Apr 2021 12:53:00 +0000 (14:53 +0200)]
firmware-utils: bcm4908img: support reading from stdin

1. Don't allow pipe stdin as we need to fseek()
2. Don't alow TTY as it doesn't make sense for binary input

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agofirmware-utils: bcm4908img: detect Netgear vendor firmware
Rafał Miłecki [Fri, 2 Apr 2021 11:59:02 +0000 (13:59 +0200)]
firmware-utils: bcm4908img: detect Netgear vendor firmware

Netgear uses CHK header which needs to be skipped when validating
BCM4908 image. Detect it directly in the bcm4908img tool. Dealing with
binary structs and endianess is way simpler in C.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agofirmware-utils: bcm4908img: extract parsing code
Rafał Miłecki [Fri, 2 Apr 2021 11:02:51 +0000 (13:02 +0200)]
firmware-utils: bcm4908img: extract parsing code

Move code parsing existing firmware file to separated function. This
cleans up existing code and allows reusing parsing code for other
commands.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agoipq40xx: add MikroTik hAP ac2 support
Robert Marko [Thu, 12 Nov 2020 18:45:22 +0000 (19:45 +0100)]
ipq40xx: add MikroTik hAP ac2 support

This adds support for the MikroTik RouterBOARD RBD52G-5HacD2HnD-TC
(hAP ac²), a  indoor dual band, dual-radio 802.11ac
wireless AP with integrated omnidirectional antennae, USB port and  five
10/100/1000 Mbps Ethernet ports.

See https://mikrotik.com/product/hap_ac2 for more info.

Specifications:
 - SoC: Qualcomm Atheros IPQ4018
 - RAM: 128 MB
 - Storage: 16 MB NOR
 - Wireless:
   · Built-in IPQ4018 (SoC) 802.11b/g/n 2x2:2, 2.5 dBi antennae
   · Built-in IPQ4018 (SoC) 802.11a/n/ac 2x2:2, 2.5 dBi antennae
 - Ethernet: Built-in IPQ4018 (SoC, QCA8075) , 5x 1000/100/10 port,
             passive PoE in
- 1x USB Type A port

Installation:
Boot the initramfs image via TFTP and then flash the sysupgrade
image using "sysupgrade -n"

Signed-off-by: Robert Marko <robimarko@gmail.com>
3 years agouboot-mediatek: bpi-r64: no longer force recovery on first-boot
Daniel Golle [Fri, 2 Apr 2021 14:45:02 +0000 (15:45 +0100)]
uboot-mediatek: bpi-r64: no longer force recovery on first-boot

Now that sdcard.gz image contains everything needed to boot straight
into production image, no longer force booting into recovery image on
first boot by removing the logic which implemented that.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agomt76: update to the latest version
Felix Fietkau [Sun, 4 Apr 2021 09:28:48 +0000 (11:28 +0200)]
mt76: update to the latest version

465dda65ee84 mt7615,mt7915: replace fw log 0-terminating code with wiphy info length limit
62b13f5352b8 mt76: mt7921: fix key set/delete issue
0ff3a336a8d8 mt7615,mt7915: fix a compiler warning
113ba8a81d54 mt76: mt7615: remove redundant dev_err call in mt7622_wmac_probe()
be1ab3b9ae7c mt76: mt7921: fix typo in mt7921_pci_resume
4e22f0dc934b mt76: mt7915: fix txpower init for TSSI off chips
e66a0b9b8d66 mt76: mt7615: always wake the device in mt7615_remove_interface
38f656768a90 mt76: mt7921: always wake the device in mt7921_remove_interface
6ee4770de083 mt76: mt7921: rework mt7921_mcu_debug_msg_event routine
e578b4b8d56a mt76: mt7615: fix .add_beacon_offload()
f8c6c7cbf10f mt76: mt7915: fix mt7915_mcu_add_beacon

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agokernel: bump 5.10 to 5.10.27
Kevin Darbyshire-Bryant [Tue, 30 Mar 2021 21:01:27 +0000 (22:01 +0100)]
kernel: bump 5.10 to 5.10.27

Use update_kernel to refresh all patches, required manual updates to:

610-netfilter_match_bypass_default_checks.patch
611-netfilter_match_bypass_default_table.patch
762-net-bridge-switchdev-Refactor-br_switchdev_fdb_notif.patch
764-net-bridge-switchdev-Send-FDB-notifications-for-host.patch

Run-tested: x86_64

Nothing screamed out but any funny business with linux bridging should
suspect this update first.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
3 years agonetifd: update to Git version 2021-04-03
Hauke Mehrtens [Sat, 3 Apr 2021 17:11:38 +0000 (19:11 +0200)]
netifd: update to Git version 2021-04-03

f8899b9 netifd: bridge: set default value for igmp_snoop
327da98 netifd: add possibility to switch off route config

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agouclient: update to Git version 2021-04-03
Hauke Mehrtens [Sat, 3 Apr 2021 17:04:53 +0000 (19:04 +0200)]
uclient: update to Git version 2021-04-03

83efca2 tests: fix possibly longer start of HTTP server
64e00d6 uclient-fetch: document missing options

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agohostapd: enable airtime policy for the -basic variants
Rui Salvaterra [Wed, 25 Nov 2020 23:03:48 +0000 (23:03 +0000)]
hostapd: enable airtime policy for the -basic variants

Airtime policy configuration is extremely useful in multiple BSS scenarios.
Since nowadays most people configure both private and guest networks (at
least), it makes sense to enable it by default, except for the most limited
of the variants.

Size of the hostapd-basic-openssl binary (mipsel 24Kc -O2):
543944 bytes (airtime policy disabled)
548040 bytes (airtime policy enabled)

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Acked-by: Daniel Golle <daniel@makrotopia.org>
3 years agorealtek: rename partitions in Netgear DTSI
Stijn Segers [Sun, 28 Feb 2021 21:50:15 +0000 (22:50 +0100)]
realtek: rename partitions in Netgear DTSI

Switch the Netgear DTSI for the Realtek target from the OEM partition
naming scheme to accepted OpenWrt naming practices. A quick git grep for
'u-boot-env' e.g. in the OpenWrt tree turns up almost 500 hits whereas
grepping for 'bdinfo' (the OEM equivalent) returns a meagre 14.

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
3 years agozram-swap: bail out early if the kernel doesn't support swap
Rui Salvaterra [Thu, 1 Apr 2021 13:36:33 +0000 (14:36 +0100)]
zram-swap: bail out early if the kernel doesn't support swap

Since KERNEL_SWAP is only enabled by default for !SMALL_FLASH targets, we need
to check if the current kernel supports swap before trying to configure
zram-swap, as opkg can't check for kernel dependencies.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
3 years agozram-swap: clean up the makefile
Rui Salvaterra [Thu, 1 Apr 2021 13:36:32 +0000 (14:36 +0100)]
zram-swap: clean up the makefile

Break dependencies into separate lines, to improve the readability. Trim
trailing whitespace.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
3 years agolantiq: add basic support for AVM FRITZ!Box 3390
Andreas Böhler [Thu, 23 Jan 2020 20:20:38 +0000 (21:20 +0100)]
lantiq: add basic support for AVM FRITZ!Box 3390

The FRITZ!Box 3390 actually contains two SoCs, one Lantiq with a
5GHz WiFi and one AR9342 with a 2.4GHz WiFi. Only the Lantiq
has access to the flash memory, the Atheros runs fully from RAM.

Specifications
--------------

  - Lantiq 500 MHz
  - 128MiB RAM
  - 128MiB NAND
  - 256k Flash
  - AR9580 5GHz WiFi
  - AR9342 560 MHz
  - 64MiB RAM
  - AR9328 2.4GHz WiFi

Remarks
-------

This commit only adds support for the Lantiq side of things and
prepares the drivers for communication with the Atheros SoC. Thus,
only 5GHz WiFi works by default, the 2.4GHz WiFi will be added via
another target.

Some kernel patches will be required to add support for the Atheros SoC.

Installation
------------

Use the eva_ramboot.py script to boot the initramfs image. Then, transfer
the sysupgrade image to the device and run sysupgrade to flash it to the
NAND.

Signed-off-by: Andreas Böhler <dev@aboehler.at>
Acked-by: Aleksander Jan Bajkowski A.Bajkowski@stud.elka.pw.edu.pl
Signed-off-by: Joachim Cerny <cocktail_yogi@web.de>
3 years agolantiq: VR9: fix gpio-hog by defining the GPIO ranges
Joachim Cerny [Tue, 8 Dec 2020 16:41:56 +0000 (17:41 +0100)]
lantiq: VR9: fix gpio-hog by defining the GPIO ranges

defined gpio-ranges according to Reference: https://github.com/torvalds/linux/blob/master/drivers/pinctrl/pinctrl-xway.c#L864
This change is needed by gpio-hog on Fritzbox 3390
thx to @abajk

Acked-by: Aleksander Jan Bajkowski A.Bajkowski@stud.elka.pw.edu.pl
Signed-off-by: Andreas Böhler <dev@aboehler.at>
Signed-off-by: Joachim Cerny <cocktail_yogi@web.de>
3 years agolantiq: use ActualNetDataRate for speed reporting
Jeroen Peelaerts [Tue, 9 Feb 2021 22:33:51 +0000 (23:33 +0100)]
lantiq: use ActualNetDataRate for speed reporting

Switch to Actual Net Data Rate (ACTNDR) for speed reporting on lantiq VDSL modems

Refer to ITU-T G.997.1 chapter 7.5.2.8

Independent whether retransmission is used or not in a given transmit direction:
-   In L0 state, this parameter reports the Net Data Rate (as specified in G.992.3, G.992.5 or G.993.2) at which the bearer channel is operating.
-   In  L2 state, the parameter contains the Net Data Rate (as specified in G.992.3, G.992.5 or G.993.2) in the previous L0 state.

Signed-off-by: Jeroen Peelaerts <jeroen.peelaerts@gmail.com>
Reviewed-by: Andre Heider <a.heider@gmail.com>
3 years agolantiq: enable G.INP retransmission counters
Jeroen Peelaerts [Sat, 16 May 2020 10:12:46 +0000 (12:12 +0200)]
lantiq: enable G.INP retransmission counters

This commit adds monitoring for a couple of DSL line features that are
present in the lantiq firmware blobs.

* G.INP ON/OFF
* Trellis encoding ON/OFF
* Virtaul Noise ON/OFF
* Bitswap ON/OFF

Difference in size for ltq-vdsl-app = 1k
Difference in size for kmod-ltq-vdsl-vr9 < 1k

Reviewed-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Jeroen Peelaerts <jeroen.peelaerts@gmail.com>
3 years agoramips: fix IMAGE_SIZE of HC5x6: fix image size of HC5x61
Shiji Yang [Thu, 4 Mar 2021 09:59:14 +0000 (17:59 +0800)]
ramips: fix IMAGE_SIZE of HC5x6: fix image size of HC5x61

"firmware" partition size defined in the device tree file is 0xf70000,
so the right IMAGE_SIZE is 15808k

Fixes: df1e5d646345 ("ramips: fix partition layout of hiwifi hc5x61")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
3 years agoramips: Fix booting on MQmaker WiTi board
Daniel Engberg [Fri, 19 Mar 2021 11:18:02 +0000 (12:18 +0100)]
ramips: Fix booting on MQmaker WiTi board

This fixes the dreaded "lzma error 1" also reported on similar devices
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3057

Fixes: FS#3057
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
3 years agoramips: Fix booting on MTC WR1201
René van Dorst [Sat, 20 Mar 2021 19:15:14 +0000 (20:15 +0100)]
ramips: Fix booting on MTC WR1201

This fixes the dreaded "lzma error 1" also reported on similar devices
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3057

Fixes: FS#3057
Signed-off-by: René van Dorst <opensource@vdorst.com>
3 years agoarmvirt: add 5.10 testing kernel
Aleksander Jan Bajkowski [Fri, 5 Mar 2021 19:16:35 +0000 (20:16 +0100)]
armvirt: add 5.10 testing kernel

Add 5.10 as testing kernel. Builds successfully with
CONFIG_ALL_KMODS=y enabled.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
3 years agoarmvirt: refresh 5.10 config
Aleksander Jan Bajkowski [Fri, 5 Mar 2021 19:18:20 +0000 (20:18 +0100)]
armvirt: refresh 5.10 config

This was done by executing these commands:
$ make kernel_oldconfig CONFIG_TARGET=subtarget
$ make kernel_oldconfig CONFIG_TARGET=subtarget_platform

Some common symbols have been moved to target config.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
3 years agoarmvirt: copy config files for 5.10
Aleksander Jan Bajkowski [Fri, 19 Mar 2021 18:44:12 +0000 (19:44 +0100)]
armvirt: copy config files for 5.10

Copy config and patches for 5.10.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
3 years agoarmvirt: refresh 5.4 config
Aleksander Jan Bajkowski [Thu, 4 Mar 2021 23:51:04 +0000 (00:51 +0100)]
armvirt: refresh 5.4 config

This was done by executing these commands:
$ make kernel_oldconfig CONFIG_TARGET=subtarget
$ make kernel_oldconfig CONFIG_TARGET=subtarget_platform

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
3 years agobase-files: fix status display command
Alexander Egorenkov [Sun, 28 Mar 2021 08:45:08 +0000 (10:45 +0200)]
base-files: fix status display command

If service() is called w/o parameter then the status display for services
with multiple instances is incorrect. E.g. samba4 or wpad have 2 instances.

root@OpenWrt:~# /etc/init.d/samba4 status
running
root@OpenWrt:~# /etc/init.d/wpad status
running

Before change:
/etc/init.d/samba4                 enabled         stopped
/etc/init.d/wpad                   enabled         stopped

After change:
/etc/init.d/samba4                 enabled         running
/etc/init.d/wpad                   enabled         running

Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
3 years agoiproute2: fix libbpf detection with NLS enabled
Tony Ambardar [Sat, 27 Mar 2021 12:43:03 +0000 (05:43 -0700)]
iproute2: fix libbpf detection with NLS enabled

Upstream iproute2 detects libbpf using a one-line $CC test-compile, which
normally ignores LDFLAGS. With NLS enabled however, LDFLAGS includes an
"rpath-link" linker option needed to resolve libintl.so. Its absence
causes both the compile and libbpf detection to fail:

  ld: warning: libintl.so.8, needed by libbpf.so, not found (try using
      -rpath or -rpath-link)
  ld: libelf.so.1: undefined reference to `libintl_dgettext'
  collect2: error: ld returned 1 exit status

Fix this by directly including $LDFLAGS in the test-compile command.

Reported-by: Ian Cooper <iancooper@hotmail.com>
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
3 years agobinutils: fix libbfd missing DSO dependency if NLS enabled
Tony Ambardar [Sun, 28 Mar 2021 07:40:31 +0000 (00:40 -0700)]
binutils: fix libbfd missing DSO dependency if NLS enabled

The libbfd package definition uses $(ICONV_DEPENDS) and $(INTL_DEPENDS)
but links against neither, leading to libbfd detection failures in other
packages (e.g. bpftools) and on-target relocation problems with libintl.so:

  root@OpenWrt:/# ldd /usr/lib/libbfd.so
        ldd (0x77db6000)
        libc.so => ldd (0x77db6000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77c6d000)
  Error relocating /usr/lib/libbfd.so: libintl_dgettext: symbol not found

Add NLS-conditional linking of "libintl" to fix this. Also remove libbfd
package dependency $(ICONV_DEPENDS) which is not used during building or
linking.

Tested with QEMU on malta/be32, after building all packages from binutils,
bpftools and iproute2, using different libc options musl and glibc.

Fixes: 08e817569630 ("binutils: use nls.mk to fix libbfd link errors in
other packages")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
3 years agobpftools: drop unneeded libintl linking for NLS
Tony Ambardar [Sun, 28 Mar 2021 08:12:22 +0000 (01:12 -0700)]
bpftools: drop unneeded libintl linking for NLS

There is no direct linking of libintl from bpftools, only secondary linking
through libelf, so remove "-lintl" from TARGET_LDFLAGS.

Fixes: 5582fbd6135f ("bpftools: support NLS, fix ppc build and update to 5.8.9")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
3 years agokernel: bump 5.4 to 5.4.109
John Audia [Tue, 30 Mar 2021 14:52:07 +0000 (10:52 -0400)]
kernel: bump 5.4 to 5.4.109

Ran update_kernel.sh in a fresh clone without any existing toolchains.

Manually rebased:
  pending-5.4/611-netfilter_match_bypass_default_table.patch

The upstream change affecting this patch is the revert of an earlier
kernel commit. Therefore, we just revert our corresponding changes
in [1].

Build system: x86_64
Build-tested: ipq806x/R7800

[1] 9b1b89229f0e ("kernel: bump 5.4 to 5.4.86")

Signed-off-by: John Audia <graysky@archlinux.us>
[adjust manually rebased patch, add explanation]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agobcm53xx: enhance support for Linksys EA9500
Vivek Unune [Fri, 13 Nov 2020 13:43:00 +0000 (08:43 -0500)]
bcm53xx: enhance support for Linksys EA9500

1. Add leds and configs
2. Add network configs
3. Add script to clear partial boot flag
4. Hack to use port 5 as cpu port as port 8 connected to eth2
   wont pass any frames
5. Enable EA9500 image generation

Hardware Info:

- Processor - Broadcom BCM4709C0KFEBG dual-core @ 1.4 GHz
- Switch - BCM53012 in BCM4709C0KFEBG & external BCM53125
- DDR3 RAM - 256 MB
- Flash - 128 MB (Toshiba TC58BVG0S3HTA00)
- 2.4GHz - BCM4366 4×4 2.4/5G single chip 802.11ac SoC
- Power Amp - Skyworks SE2623L 2.4 GHz power amp (x4)
- 5GHz x 2 - BCM4366 4×4 2.4/5G single chip 802.11ac SoC
- Power Amp - PLX Technology PEX8603 3-lane, 3-port PCIe switch
- Ports - 8 Ports, 1 WAN Ports
- Antennas - 8 Antennas
- Serial Port - @j6 [GND,TX,RX] (VCC NC) 115200 8n1

Flashing Instructions:

1. Connect a USB-TTL table to J6 on the router as well as a
   ethernet cable to a lan port and your PC.
2. Power-on the router.
3. Use putty or a serial port program to view the terminal.
   Hit Ctrl+C and interrupt the CFE terminal terminal.
4. Setup a TFTP server on your local machine at setup you
   local IP to 192.168.1.2
5. Start the TFTP Server
6. Run following commands at the CFE terminal

   flash -noheader 192.168.1.2:/openwrt.trx nflash0.trx
   flash -noheader 192.168.1.2:/openwrt.trx nflash0.trx2
   nvram set bootpartition=0 && nvram set partialboots=0 && nvram commit

7. Reboot router to be presented by OpenWrt

Note: Only installation method via serial cable is supported at the moment.
The trx firmware has to be flashed to both the partitions using following
commands from CFE prompt. This will cover US and Non-US variants.

Signed-off-by: Vivek Unune <npcomplete13@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agobcm53xx: use upstream Linksys EA9500 fixes
Rafał Miłecki [Thu, 1 Apr 2021 05:00:06 +0000 (07:00 +0200)]
bcm53xx: use upstream Linksys EA9500 fixes

One fix was accepted, one was added.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agofirewall4: update to latest Git HEAD
Jo-Philipp Wich [Wed, 31 Mar 2021 22:21:55 +0000 (00:21 +0200)]
firewall4: update to latest Git HEAD

29fba84 tests: expand testing
6bf82a8 fw4.uc: fix family test functions
25b2c7d fw4.uc: fix parsing boolean "0" values
694d428 rule.uc: fix redundant whitespace in rules without target
7f69fbb ruleset.uc: reduce empty lines in output
8f8e42c fw4.uc: gracefully handle missing defaults section
25287af treewide: remove ucode module preloading
802b685 fw4.uc: remove upvalue caching

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
3 years agoucode: update to latest Git HEAD
Jo-Philipp Wich [Wed, 31 Mar 2021 22:07:56 +0000 (00:07 +0200)]
ucode: update to latest Git HEAD

973cc6c compiler: actually expand block scope fix to for/while alt syntax
97bf297 compiler: ensure that alternative if/for/while syntax has own block scope
f0e2a64 tests: add missing test case for fixed switch codegen

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
3 years agouboot-mediatek: adapt root= cmdline arg for bpi-r64
Daniel Golle [Wed, 31 Mar 2021 20:32:23 +0000 (21:32 +0100)]
uboot-mediatek: adapt root= cmdline arg for bpi-r64

Adapt to FIT partition parser changes.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agokernel: fix FIT partition parser compatibility issues
Daniel Golle [Wed, 31 Mar 2021 20:29:26 +0000 (21:29 +0100)]
kernel: fix FIT partition parser compatibility issues

The uImage.FIT partition parser used to squeeze in FIT partitions in
the range where partition editor tools (fdisk and such) expect the
regular partition. This is confusing people and tools when adding
additional partitions on top of the partition used for OpenWrt's
uImage.FIT.
Instead of squeezing in the additional partitions, rather start with
all uImage.FIT partitions at offset 64.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agobcm4908: backport DT patch adding Ethernet MAC address
Rafał Miłecki [Wed, 31 Mar 2021 21:14:24 +0000 (23:14 +0200)]
bcm4908: backport DT patch adding Ethernet MAC address

This tells OS (Linux) where from MAC should be read (bootloader MTD
partition).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agomediatek: mt7622: improve sysupgrade on MMC
Daniel Golle [Wed, 31 Mar 2021 13:19:16 +0000 (14:19 +0100)]
mediatek: mt7622: improve sysupgrade on MMC

Use generic functions to acquire rootdev.
Make sure to wipe rootfs_data in case of '-n'.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agobase-files: functions: introduce new helper functions
Daniel Golle [Wed, 31 Mar 2021 12:47:35 +0000 (13:47 +0100)]
base-files: functions: introduce new helper functions

Introduce cmdline_get_var() to /lib/function.sh and make use of it in
export_rootdev() in /lib/upgrade/common.sh, making the code more
simple and removing one level of indentation.
Introduce get_partition_by_name() to /lib/upgrade/common.sh which is
useful on non-EFI GPT platforms like mt7622.
Remove some dead-code while at it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agobmips: backport pinctrl fixes
Álvaro Fernández Rojas [Wed, 31 Mar 2021 15:13:36 +0000 (17:13 +0200)]
bmips: backport pinctrl fixes

Backport some minor upstream fixes for the pinctrl drivers.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
3 years agonetifd: update to git HEAD
Daniel Golle [Wed, 31 Mar 2021 00:32:51 +0000 (01:32 +0100)]
netifd: update to git HEAD

 09632d4 device: remove left-over comment
 b22f83d handler: add mechanism to generate external device handler stubs
 80bf9d7 extdev: add support for external device handlers
 44c0f40 system-linux: reorder sysctl functions
 c84f3b0 system-linux: add device options used by wpad

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agoramips: mt7620: ralink-i2s: fix modpost error
Ilya Lipnitskiy [Fri, 26 Mar 2021 06:23:01 +0000 (23:23 -0700)]
ramips: mt7620: ralink-i2s: fix modpost error

Fixes the following error when building without CONFIG_MODULE_STRIPPED:
  FATAL: modpost: sound/soc/ralink/snd-soc-ralink-i2s: struct
  of_device_id is not terminated with a NULL entry!

Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
3 years agoramips/mt7621: enable support for cpuidle
Rui Salvaterra [Tue, 30 Mar 2021 22:59:50 +0000 (23:59 +0100)]
ramips/mt7621: enable support for cpuidle

MIPS Coherent Processor Systems (CPS), which include the MT7621 SoC, support
deep sleep idle states and have a specific cpuidle driver for them.
Enable support for it, while also switching from constant timer ticks to the
idle dynticks model, with the TEO governor.

Run-tested on a Redmi AC2100.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
3 years agoramips/mt7621: drop the timer recalibration patch
Rui Salvaterra [Tue, 30 Mar 2021 22:59:49 +0000 (23:59 +0100)]
ramips/mt7621: drop the timer recalibration patch

We've been carrying this patch for many years [1], in order to fix a timer
calibration issue on MT7621. Turns out, after retesting with a recent kernel
(Linux 5.10), the system works perfectly fine without it (no rcu_sched stalls
or inconsistent BogoMIPS values across CPUs).

Manually refreshed:
322-mt7621-fix-cpu-clk-add-clkdev.patch
323-mt7621-memory-detect.patch

[1] https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=6f4a903533361a2906a4d94ac6f597cd9c6c47bc

Suggested-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Tested-by: Donald Hoskins <grommish@gmail.com>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
3 years agoramips/mt7621: drop the weak reordering patch
Rui Salvaterra [Tue, 30 Mar 2021 22:59:48 +0000 (23:59 +0100)]
ramips/mt7621: drop the weak reordering patch

In order to fix random hangs on MT7621, we've been selecting
WEAK_REORDERING_BEYOND_LLSC for years [1]. However, these random hangs have been
most likely caused by an oversight in the MIPS implementation of the kernel
memory consistency model, which has already been fixed for some time (and
backported to stable) [2].

Manually refreshed:
321-mt7621-timer.patch

[1] https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=5c971cd6fdd7298a2017bdb6bea870088eddb8b9
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/arch/mips?h=linux-5.4.y&id=42344113ba7a1ed7b5654cd5270af0d5698d8521

Suggested-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Tested-by: Donald Hoskins <grommish@gmail.com>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
3 years agofirewall: update to latest git HEAD
Hans Dedecker [Mon, 29 Mar 2021 19:04:06 +0000 (21:04 +0200)]
firewall: update to latest git HEAD

a4355a6 firewall3: clean up the flow table detection logic
edd0dc5 firewall3: create a common helper to find strings in files

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
3 years agoncurses: add screen-256color terminfo
Paul Spooren [Mon, 29 Mar 2021 08:31:21 +0000 (22:31 -1000)]
ncurses: add screen-256color terminfo

The terminfo is required by the popular terminal multiplexer screen and
tmux, offer it by default as the size impact is minimal with 885 Bytes.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agoncurses: split long line of supported terminfo
Paul Spooren [Mon, 29 Mar 2021 08:21:49 +0000 (22:21 -1000)]
ncurses: split long line of supported terminfo

The terminfo files were all in one row which is terrible to read.
Split them over multiple lines to improve readability.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agosunxi: enable wifi module on Pine64 boards
Zoltan HERPAI [Sun, 28 Feb 2021 15:42:05 +0000 (16:42 +0100)]
sunxi: enable wifi module on Pine64 boards

The Pine64(+) and the SoPine64 baseboard has an optional BT+WiFi
module, carrying an RTL8723BS. The wifi part is connected via
SDIO, the BT part is connected via UART. The BT part requires
additional code changes in the drivers so we'll skip that until 5.10.
Aside from a DTS patch to enable the wifi module, add the required
packages into the device definitions.

[    8.996970] RTL8723BS: module init start
[    9.000922] RTL8723BS: rtl8723bs v4.3.5.5_12290.20140916_BTCOEX20140507-4E40
[    9.007965] RTL8723BS: rtl8723bs BT-Coex version = BTCOEX20140507-4E40
[    9.014785] pnetdev = 000000009bdd5000
[    9.047780] RTL8723BS: rtw_ndev_init(wlan0)
[    9.053349] RTL8723BS: module init ret =0

root@OpenWrt:/# iw list
Wiphy phy0
        wiphy index: 0
        max # scan SSIDs: 9
        max scan IEs length: 2304 bytes
        max # sched scan SSIDs: 0
        max # match sets: 0
        Retry short limit: 7
        Retry long limit: 4
        Coverage class: 0 (up to 0m)
        Available Antennas: TX 0 RX 0
        Supported interface modes:
                 * IBSS
                 * managed
                 * AP
                 * monitor
        Band 1:
                Frequencies:
                        * 2412 MHz [1] (20.0 dBm)
                        * 2417 MHz [2] (20.0 dBm)
                        * 2422 MHz [3] (20.0 dBm)
                        * 2427 MHz [4] (20.0 dBm)
                        * 2432 MHz [5] (20.0 dBm)
                        * 2437 MHz [6] (20.0 dBm)
                        * 2442 MHz [7] (20.0 dBm)
                        * 2447 MHz [8] (20.0 dBm)
                        * 2452 MHz [9] (20.0 dBm)
                        * 2457 MHz [10] (20.0 dBm)
                        * 2462 MHz [11] (20.0 dBm)
                        * 2467 MHz [12] (20.0 dBm) (no IR)
                        * 2472 MHz [13] (20.0 dBm) (no IR)
                        * 2484 MHz [14] (20.0 dBm) (no IR)

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
3 years agosunxi: enable MUSB in A53 subtarget
Zoltan HERPAI [Sun, 28 Feb 2021 11:51:27 +0000 (12:51 +0100)]
sunxi: enable MUSB in A53 subtarget

The Pine64(+) and the SoPine64 baseboard has two USB ports. One of
these (the lower) is connected directly to a USB host, the other
one's (upper) PHY is shared with the separate OTG controller. In
order to get it working, MUSB support needs to be enabled.

As there are other targets which compile MUSB support into the kernel
and not package it into modules, the same is done here.

[    1.348760] usb usb5: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 5.04
[    1.357029] usb usb5: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[    1.364250] usb usb5: Product: MUSB HDRC host driver
[    1.369219] usb usb5: Manufacturer: Linux 5.4.99 musb-hcd
[    1.374617] usb usb5: SerialNumber: musb-hdrc.1.auto
[    1.379891] hub 5-0:1.0: USB hub found
[    1.383677] hub 5-0:1.0: 1 port detected
[...]
[  697.299440] usb 1-1: new high-speed USB device number 2 using ehci-platform
[  697.461855] usb 1-1: New USB device found, idVendor=090c, idProduct=1000, bcdDevice=11.00
[  697.470038] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  697.477180] usb 1-1: Product: USB Flash Disk

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
3 years agobmips: dts: align LEDs
Álvaro Fernández Rojas [Wed, 24 Mar 2021 10:30:23 +0000 (11:30 +0100)]
bmips: dts: align LEDs

Align all bmips devices LED configurations.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
3 years agobmips: backport accepted pinctrl patches
Álvaro Fernández Rojas [Tue, 2 Mar 2021 19:19:30 +0000 (20:19 +0100)]
bmips: backport accepted pinctrl patches

These patches have been accepted for linux v5.13.
External interrupts not supported for now.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
3 years agobmips: vr-3032u: fix gpio keys
Álvaro Fernández Rojas [Wed, 24 Mar 2021 10:11:47 +0000 (11:11 +0100)]
bmips: vr-3032u: fix gpio keys

These GPIO keys were assigned to incorrect pins.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
3 years agobmips: dgnd3700-v2: fix gpio keys
Álvaro Fernández Rojas [Wed, 24 Mar 2021 10:09:27 +0000 (11:09 +0100)]
bmips: dgnd3700-v2: fix gpio keys

These GPIO keys were assigned to incorrect pins.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
3 years agoucode: update to latest Git HEAD
Jo-Philipp Wich [Mon, 29 Mar 2021 10:50:55 +0000 (12:50 +0200)]
ucode: update to latest Git HEAD

aa9621d compiler: rework switch statement code generation
b5f0de1 vm: add trace mode instruction dump output fixes
0341d64 vm: fix another for-loop memory leak
00d9419 vm: fix further memory leaks in trace mode
20a3763 vm: fix loop variable memory leak in NEXTK/NEXTKV instruction
9a6ef2b lib: prevent use-after-free after uc_shift()
03f1324 object: free prototype object when registering existing ressource type
b3d758b compiler: fix for/break miscompilation
86e3970 lib: fix value refcount of uc_unshift() return value
fe464ea run_tests.sh: allow passing tests to run as arguments
091ae1b compiler: fix another try/catch miscompilation
fcedb19 lib: fix passing uninitialized memory to sigprocmask()
0d0357d vm: fix leaking source context strings in trace mode
7a41fb3 lib: use execvp() in system()

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
3 years agobcm53xx: fix Linksys EA9500 partitions
Rafał Miłecki [Mon, 29 Mar 2021 07:28:47 +0000 (09:28 +0200)]
bcm53xx: fix Linksys EA9500 partitions

Use proper DT binding.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agokernel: backport 5.13 mtd partitioning changes
Rafał Miłecki [Mon, 29 Mar 2021 06:16:17 +0000 (08:16 +0200)]
kernel: backport 5.13 mtd partitioning changes

1. Use upstream accepted NVMEM patches
2. Minor fix for BCM4908 partitioning
3. Support for Linksys firmware partitions on Northstar

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agomac80211: merge a few pending tx related fixes
Felix Fietkau [Sun, 28 Mar 2021 10:15:42 +0000 (12:15 +0200)]
mac80211: merge a few pending tx related fixes

Improve performance and fix potential mgmt tx hangs/warnings

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agofirewall3: update to latest git HEAD
Tony Ambardar [Fri, 26 Mar 2021 05:47:36 +0000 (22:47 -0700)]
firewall3: update to latest git HEAD

This includes several improvements and fixes:

  61db17e rules: fix device and chain usage for DSCP/MARK targets
  7b844f4 zone: avoid duplicates in devices list
  c2c72c6 firewall3: remove last remaining sprintf()
  12f6f14 iptables: fix serializing multiple weekdays
  00f27ab firewall3: fix duplicate defaults section detection
  e8f2d8f ipsets: allow blank/commented lines with loadfile
  8c2f9fa fw3: zones: limit zone names to 11 bytes
  78d52a2 options: fix parsing of boolean attributes

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
3 years agomvebu: Fix mac addresses for GL.iNet GL-MV1000
Sven Eckelmann [Thu, 25 Mar 2021 12:26:15 +0000 (13:26 +0100)]
mvebu: Fix mac addresses for GL.iNet GL-MV1000

The original GL.iNet firmware has two different mac addresses in the
factory/art partition. The first one is for the WAN interface only and the
second one is for both lan0 and lan1.

But the original submission for OpenWrt didn't initialize the mac
addresses of the LAN ports for the DSA device at all. The ethernet mac
address was then used for all DSA ports.

Fixes: 050c24f05c85 ("mvebu: add support for GL.iNet GL-MV1000")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
3 years agoramips: correct switch config of Youku yk1
Shiji Yang [Sun, 21 Mar 2021 09:01:49 +0000 (17:01 +0800)]
ramips: correct switch config of Youku yk1

There are only two lan ports and one wan port on Youku yk1

Fixes: e9baf8265bb8 ("ramips: add support for Youku YK1")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[add Fixes:]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agokernel: bump 5.4 to 5.4.108
John Audia [Wed, 24 Mar 2021 14:14:36 +0000 (10:14 -0400)]
kernel: bump 5.4 to 5.4.108

All modifications made by by update_kernel.sh.

Build system: x86_64
Build-tested: ipq806x/R7800
Run-tested: ipq806x/R7800 [only 5.4.107]
No dmesg regressions, everything functional

Run-tested by @timocapa:
 - ramips/mt7621/{Xiaomi R3G, Redmi 2100}
 - Lantiq/XWAY/Fritz!Box 7320/7330

Signed-off-by: John Audia <graysky@archlinux.us>
[squash, edit commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
3 years agoath79: fix label_mac for NEC Aterm WG1200CR
INAGAKI Hiroshi [Wed, 24 Mar 2021 15:15:57 +0000 (00:15 +0900)]
ath79: fix label_mac for NEC Aterm WG1200CR

On NEC Aterm WG1200CR, the MAC address for WAN is printed in the label
on the case, not LAN.
This patch fixes this issue.

Fixes: 50fdc0374b ("ath79: provide label MAC address")
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
3 years agomvebu: Add button support for GL.iNet GL-MV1000
Sven Eckelmann [Thu, 25 Mar 2021 12:26:15 +0000 (13:26 +0100)]
mvebu: Add button support for GL.iNet GL-MV1000

The original patch to support this device advertised support for the reset
button and the "switch" in the commit message. But neither were actually
integrated in the device tree or documented anywere.

The button itself is now used to trigger a reset (as described in the
official GL.iNet documentation). The switch itself is registered as BTN_0
like other devices from GL.iNet in ath79.

Fixes: 050c24f05c85 ("mvebu: add support for GL.iNet GL-MV1000")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
3 years agokernel: Move CONFIG_USERIO to generic config
Hauke Mehrtens [Thu, 25 Mar 2021 10:31:23 +0000 (11:31 +0100)]
kernel: Move CONFIG_USERIO to generic config

The CONFIG_USERIO option is unset in multiple target configurations. On
the sunxi target it is activated. Move the kernel configuration option
to the generic kernel configuration.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agokernel: Deactivate CONFIG_VFIO in generic kernel config
Hauke Mehrtens [Thu, 25 Mar 2021 10:27:31 +0000 (11:27 +0100)]
kernel: Deactivate CONFIG_VFIO in generic kernel config

Instead of deactivating this in every target config, deactivate it once
in the generic kernel config. I was asked for this config option in a
x86 64 build in OpenWrt 21.02.

Fixes: 87046e87e229 ("kernel: add missing kernel config symbol")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
3 years agokernel: add missing kernel config symbol
Kevin Darbyshire-Bryant [Sat, 27 Mar 2021 08:47:47 +0000 (08:47 +0000)]
kernel: add missing kernel config symbol

Bump to 5.10.26 reversed dependencies on IOMMU for CONFIG_VFIO thus
malta (at least) prompted for this new symbol.

Set it to 'false' in the default config.  rockchip & X86 enable it in
target specific configs.

Thanks to Tony Ambardar for falling over this one

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
3 years agomt76: update to the latest version
Felix Fietkau [Fri, 26 Mar 2021 20:56:26 +0000 (21:56 +0100)]
mt76: update to the latest version

6886b57a1534 mt76: connac: introcuce mt76_sta_cmd_info data structure
e529e8afe22a mt76: mt7921: properly configure rcpi adding a sta to the fw
e4d522776804 mt76: mt7921: fix airtime reporting
be2f67e8d3cb mt76: mt7915: fix key set/delete issue
09a1befde4b7 mt76: fix potential DMA mapping leak
f66f8f41d47b mt76: mt7915: refresh repeater entry MAC address when setting BSSID
035e2f6f1ddf mt76: mt7921: get rid of mt7921_mac_wtbl_lmac_addr
ee29cd5f3a6a mt76: mt7615: only enable DFS test knobs for mt7615
9a98b1a6f9c2 mt76: mt7615: cleanup mcu tx queue in mt7615_dma_reset()
3bd285424e7b mt76: mt7622: trigger hif interrupt for system reset
bf6d9ee4acd1 mt76: mt7615: keep mcu_add_bss_info enabled till interface removal
115b74282314 mt76: mt7915: keep mcu_add_bss_info enabled till interface removal
57432e701d1a mt76: mt7915: cleanup mcu tx queue in mt7915_dma_reset()
a519c49a6a42 mt76: mt7615: 0-terminate firmware log messages
4a22f2ffae2e mt76: mt7915: 0-terminate firmware log messages
b8609066893a mt76: mt7615: fix chip reset on MT7622 and MT7663e

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years agox86/base-files: add support for Sophos SG/XG-105
Stan Grishin [Wed, 24 Mar 2021 16:18:08 +0000 (16:18 +0000)]
x86/base-files: add support for Sophos SG/XG-105

This adds detection of the Sophos SG-105 and Sophos XG-105 models
and assignment of ethernet ports these models have to LAN/WAN.

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agoopenssl: bump to 1.1.1k
Eneas U de Queiroz [Fri, 26 Mar 2021 17:46:29 +0000 (14:46 -0300)]
openssl: bump to 1.1.1k

This version fixes 2 security vulnerabilities, among other changes:

 - CVE-2021-3450: problem with verifying a certificate chain when using
   the X509_V_FLAG_X509_STRICT flag.

 - CVE-2021-3449: OpenSSL TLS server may crash if sent a maliciously
   crafted renegotiation ClientHello message from a client.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
3 years agoREADME: add install command to build requirements
Petr Štetiar [Thu, 25 Mar 2021 07:01:08 +0000 (08:01 +0100)]
README: add install command to build requirements

In commit 8c8496435a9d ("build: add GNU install to prerequisites") new
dependency was added, but addition to README was omitted.

Fixes: 8c8496435a9d ("build: add GNU install to prerequisites")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agoRevert "openssl: refresh patches"
Kevin Darbyshire-Bryant [Fri, 26 Mar 2021 09:12:12 +0000 (09:12 +0000)]
Revert "openssl: refresh patches"

This reverts commit e27ef2da0d513494c3e9926ce8d44b63e4236a32.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
3 years agoopenssl: refresh patches
Kevin Darbyshire-Bryant [Fri, 26 Mar 2021 08:58:07 +0000 (08:58 +0000)]
openssl: refresh patches

Tidy up some patch fuzz.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
3 years agoelfutils: enable building with MIPS16
Tony Ambardar [Wed, 24 Feb 2021 16:52:22 +0000 (08:52 -0800)]
elfutils: enable building with MIPS16

Building with MIPS16 was disabled in 2013 due to an issue with GCC TLS:
https://dev.archive.openwrt.org/ticket/13572. But after the problematic
GCC version was retired, this change wasn't revisited.

Re-enable MIPS16 builds to reduce average elfutils library sizes ~10%.
This was compile-tested on malta/mips32be and malta/mips32le, and linked
with iproute2 for run-testing. Package sizes follow:

Library  MIPS16:=0  MIPS16:=1
-------  ---------  ---------
libelf1    43217      37492
libasm1    12481      11658
libdw1    229723     205793

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
3 years agokernel: bump 5.10 to 5.10.26
Rui Salvaterra [Thu, 25 Mar 2021 09:32:18 +0000 (09:32 +0000)]
kernel: bump 5.10 to 5.10.26

Automatically refreshed:
ath79/patches-5.10/471-mtd-cfi_cmdset_0002-AMD-chip-0x2201-write-words.patch
bcm63xx/patches-5.10/143-gpio-fix-device-tree-gpio-hogs-on-dual-role-gpio-pin.patch
generic/hack-5.10/204-module_strip.patch

Run-tested:
ath79 (TL-WDR3600)
x86_64 (APU2 - ldir)

Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
3 years agobuild,json: 3rd fixup of default_packages
Paul Spooren [Thu, 25 Mar 2021 20:25:54 +0000 (10:25 -1000)]
build,json: 3rd fixup of default_packages

This became a bit of a tragedy, caused by a corner cases which wasn't
put into account during testing. DEFAULT_PACKAGES are defined in
target/linux/<target>/Makefile but also in
target/linux/<target>/<subtarget>/target.mk.

The latter was no longer imported when using DUMP=1, however not using
DUMP=1 while running the Makefile in target/linux/<target>/ caused duplicate
packages in the list.

As a solution, which should have been used from day 0, `make` runs in
target/linux/ without DUMP=1, resulting in no duplicate packages and all
inclusions from include/target.mk, linux/target/<target>/{Makefile,
<subtarget>/target.mk}

While at it, sort the list of default packages.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agobuild,json: fixup fixup of arch_packages
Paul Spooren [Thu, 25 Mar 2021 04:54:36 +0000 (18:54 -1000)]
build,json: fixup fixup of arch_packages

The commit "1bf2b3fe90 build,json: fixup missing arch_packages" fixes
the missing package architecture locally but runs $(TOPDIR)/Makefile
rather than a target specific one. While this works on local builds just
fine, it causes the buildbots to add garbage to the `arch_packages`
variable:

    cd \"/builder/shared-workdir/build\"; git log --format=%h -1
    toolchain > /builder/shared-workdir/build/tmp/.ver_check\ncmp -s
    /builder/shared-workdir/build/tmp/.ver_check
    /builder/shared-workdir/build/staging_dir/toolchain-x86_64_gcc-8.4.0_musl/stamp/.ver_check
    || { \\\n\trm -rf
    /builder/shared-workdir/build/build_dir/target-x86_64_musl
    /builder/shared-workdir/build/staging_dir/target-x86_64_musl
    /builder/shared-workdir/build/staging_dir/toolchain-x86_64_gcc-8.4.0_musl
    /builder/shared-workdir/build/build_dir/toolchain-x86_64_gcc-8.4.0_musl;
    \\\n\tmkdir -p
    /builder/shared-workdir/build/staging_dir/toolchain-x86_64_gcc-8.4.0_musl/stamp;
    \\\n\tmv /builder/shared-workdir/build/tmp/.ver_check
    /builder/shared-workdir/build/staging_dir/toolchain-x86_64_gcc-8.4.0_musl/stamp/.ver_check;
    \\\n}\nx86_64

Only the last line contains the desired string.

Future investigation should check why the build system prints this to
stdout rather than stderr.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agobuild: add GNU install to prerequisites
Kevin Darbyshire-Bryant [Mon, 4 Jan 2021 20:55:38 +0000 (20:55 +0000)]
build: add GNU install to prerequisites

The recent removal of usbutils from core and replacement by hwdata in
packages has exposed hwdata's requirement for certain GNU options on
'install' (-T)  Other packages (sqm-scripts) have openwrt specific
makefile sections to avoid GNU options but I suspect this is going to
get harder in the future.

Add GNU install as a prerequisite and link into
$STAGING_DIR/host/etc/bin as per similar GNU utils

This resolves an issue building under MacOS which would otherwise use a
non-GNU options aware version of 'install'

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
3 years agobuild: make sure asm gets built with -DPIC
Philip Prindeville [Fri, 19 Mar 2021 21:09:45 +0000 (15:09 -0600)]
build: make sure asm gets built with -DPIC

Fixes issue openwrt/packages#14921, whereby inline ASM wasn't getting
built as PIC; look at gmp-6.2.1/mpn/x86/pentium/popcount.asm for
example:

ifdef(`PIC',`
...

for a routine that exists in both PIC and non-PIC versions.

Make sure that wherever $(FPIC) gets passed as a variable expansion
that it gets quoted where necessary (such as setting environment
variables in shell commands).

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agobuild,json: fixup missing arch_packages
Paul Spooren [Wed, 24 Mar 2021 21:01:46 +0000 (11:01 -1000)]
build,json: fixup missing arch_packages

Fix 7f4c2b1 "build,json: fix duplicates in default_packages" which
removed duplicate default packages but also removed the package
architecture from the profiles.json.

If DUMP=1 is set, the `ARCH_PACKAGES` is no longer exported and
therefore empty. Fix this by running make twice, once with DUMP=1 and
once without.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agoimage: fix append-image when building multiple profiles
Daniel Golle [Wed, 24 Mar 2021 22:53:23 +0000 (22:53 +0000)]
image: fix append-image when building multiple profiles

In case CONFIG_TARGET_MULTI_PROFILE is set, IMG_PREFIX cannot be
expanded. Use DEVICE_IMG_PREFIX instead and make sure it's defined.

Fixes: 8f89b1ab0f ("image: add 'append-image' build command")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agofirmware-utils: bcm4908kernel: name struct fields
Rafał Miłecki [Wed, 24 Mar 2021 21:44:14 +0000 (22:44 +0100)]
firmware-utils: bcm4908kernel: name struct fields

Less magic names / values.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agokernel: create bootfs partition when parsing on BCM4908
Rafał Miłecki [Wed, 24 Mar 2021 17:20:13 +0000 (18:20 +0100)]
kernel: create bootfs partition when parsing on BCM4908

It's helpful for accessing booting data (DTS, kernel, etc.). It has to
be used carefully as CFE's JFFS2 support is quite dumb. It doesn't
recognize deleted files and has problems handling 0 inode.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agofirmware-utils: bcm4908img: name fields & values
Rafał Miłecki [Wed, 24 Mar 2021 16:29:30 +0000 (17:29 +0100)]
firmware-utils: bcm4908img: name fields & values

Less magic numbers

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
3 years agomediatek: generate complete sdcard image for BPi-R64
Daniel Golle [Wed, 24 Mar 2021 13:44:52 +0000 (13:44 +0000)]
mediatek: generate complete sdcard image for BPi-R64

Populate the recovery and production partitions of the generated sdcard
image for the Bananapi BPi-R64.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agoimage: add 'append-image' build command
Daniel Golle [Wed, 24 Mar 2021 13:34:13 +0000 (13:34 +0000)]
image: add 'append-image' build command

Commit 7ce1d9ce09 ("build: artifacts add dependency for built images")
now makes sure that sysupgrade and initramfs images are available at
the stage that artifacts are created.
Allow making use of that with a new build command 'append-image' to
be used in artifacts.
See the next commit for an example.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agobuild: artifacts: add dependency for built images
Oskari Lemmela [Sun, 21 Mar 2021 08:58:10 +0000 (10:58 +0200)]
build: artifacts: add dependency for built images

Add possibility to use images and initramfs in artifacts.

Signed-off-by: Oskari Lemmela <oskari@lemmela.net>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agomwlwifi: add PKG_FLAGS:=nonshared
Daniel Golle [Wed, 24 Mar 2021 09:47:12 +0000 (09:47 +0000)]
mwlwifi: add PKG_FLAGS:=nonshared

This should fix the problem of mwlwifi-firmware-* not being found
when using the ImageBuilder.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agoucode: fix PKG_MIRROR_HASH
Daniel Golle [Wed, 24 Mar 2021 14:13:43 +0000 (14:13 +0000)]
ucode: fix PKG_MIRROR_HASH

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agobmips: reorganize patches
Álvaro Fernández Rojas [Wed, 24 Mar 2021 13:49:46 +0000 (14:49 +0100)]
bmips: reorganize patches

Reorder kernel patches after recent backports.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
3 years agobmips: switch to upstream ehci overcurrent flag
Álvaro Fernández Rojas [Wed, 24 Mar 2021 13:19:12 +0000 (14:19 +0100)]
bmips: switch to upstream ehci overcurrent flag

After backporting upstream ehci overcurrent patches we need to use spurious-oc
instead of ignore-oc.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>